Enhanced Personal Information Management

Protect User PII Data with Enhanced Personal Information Management

By

Editor’s note: This post was updated on June 14, 2022, with the latest information and resources. 

In the Winter ’22 release, we’ll roll out the ability to prevent external users, such as portal or partner users, from viewing personal information in your user records by enabling the Enhanced Personal Information Management permission. This permission replaces the less-configurable Hide Personal Information setting, which will be retired in the Winter ’23 Release. So, to help you prepare, let’s dive into the Enhanced Personal Information Management permission.

Protecting Your Users’ Data

To protect your external users’ data, Salesforce introduced security settings that let you control personal user information visibility. As an example, let’s say we have two external users, Astro and Codey. Astro can see and edit his own personal information, such as his address, email, and phone number. However, Astro can’t see Codey’s personal information. Similarly, Codey can edit his own personal information but not Astro’s.

Previously, you secured your external user’s personal information with Hide Personal Information, which protected 10 User fields. Hide Personal Information will be retired in Winter ’23 and is being replaced with Enhanced Personal Information Management.

With Enhanced Personal Information Management, you get a more secure framework that:

These settings are available in the User Management settings.

Enhanced Personal Information Management section of the User Management Settings page in Winter '22.

Enhanced Personal Information Management secures 20 fields by setting each field’s compliance category as “PersonalInfo”. As an admin, you choose which fields are considered personal information. From the Object Manager, on the User object, choose a field, such as “About Me.” Edit the field and choose whether the Compliance Categorization should be set as “PersonalInfo”. Please note, if you are enabling Enhanced Personal Information Management in Spring ‘22, or later, the admin experience has changed. Instead of using the Compliance Categorization, you now manage what fields are considered PII through a FieldSet. See changes in Spring ’22 at Enhanced management for protecting external user PII. The images on this Winter ’22 blog post are still accurate for customers who enabled Enhanced Personal Information Management in Winter ’22.

The About Me custom field and the Compliance Categorization attribute.

Once a field is set as “PersonalInfo”, it will be hidden from other external users. Since Enhanced Personal Information Management is more secure and configurable, don’t wait to get this enabled in your org!

Before enabling, we recommend you:

  • Decide which fields should be considered personal information for your external users, and adjust your standard and custom fields accordingly. This means assigning each field that you want as personal information by editing the field’s Compliance Categorization to “PersonalInfo”.
  • Have either Hide Personal Information or Enhanced Personal Information Management enabled, but not both.
  • Test in a sandbox prior to enabling in Production.

Resources

Image of Mia Pacey next to text that says "Skills for Success: Security Management."

Hone Your Security Management Skills as a Salesforce Admin

As Salesforce Admins, we work with important data and have a powerful platform at our fingertips. But as the saying goes, with great power comes great responsibility. You, as an admin, must promote a culture of positive security controls, protect your organization’s data from unauthorized access, and be security responsible. You play a crucial role […]

READ MORE
Green meadow and text that says "Admin Configuration Kit: Security & Visibility."

Design User Security and Visibility with This Admin Configuration Kit

What’s an Admin Configuration Kit? Let’s set the scene. You’re an admin. You’ve talked to your users. You know what they want, functionally, but you don’t know how to configure it. You don’t even know what you’re supposed to configure! Normally at this point, you’d start searching Google, Help & Training, Trailhead, the Trailblazer Community, […]

READ MORE
Ruth and Cloudy having a picnic next to text that says "Learn MOAR: #5 Event Monitoring."

Learn MOAR in Spring ’22 with Event Monitoring 💻

Follow and complete a Learn MOAR Spring ’22 trailmix for admins or developers by March 31, 2022, 11:59 p.m. PT, to earn a special community badge and enter for a chance to win one of five $200 USD Salesforce Certification vouchers. Learn how to participate and review the Official Rules by visiting the Trailhead Quests […]

READ MORE

Have an Idea for a Story?

We are all about the community and sharing ideas.
Do you have an interesting idea or useful tip that you want to share?

SHARE YOUR IDEA